|
246041
|
7.5 |
HIGH
Network
|
xerox
|
workcentre_3655i_firmware workcentre_3655_firmware workcentre_5890i_firmware workcentre_5865i_firmware workcentre_5875i_firmware workcentre_5845_firmware workcentre_5865_firmware
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. The…
|
CWE-22
Path Traversal
|
CVE-2018-20769
|
2024-11-21 13:02 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246042
|
9.8 |
CRITICAL
Network
|
xerox
|
workcentre_3655i_firmware workcentre_3655_firmware workcentre_5890i_firmware workcentre_5865i_firmware workcentre_5875i_firmware workcentre_5845_firmware workcentre_5865_firmware
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An …
|
CWE-94
Code Injection
|
CVE-2018-20768
|
2024-11-21 13:02 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246043
|
8.8 |
HIGH
Network
|
xerox
|
workcentre_3655i_firmware workcentre_3655_firmware workcentre_5890i_firmware workcentre_5865i_firmware workcentre_5875i_firmware workcentre_5845_firmware workcentre_5865_firmware
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. The…
|
CWE-20
Improper Input Validation
|
CVE-2018-20767
|
2024-11-21 13:02 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246044
|
9.8 |
CRITICAL
Network
|
helpsystems
|
boks
|
A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.
|
NVD-CWE-noinfo
|
CVE-2018-20764
|
2024-11-21 13:02 |
2019-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246045
|
7.8 |
HIGH
Local
|
gpac_project debian canonical
|
gpac debian_linux ubuntu_linux
|
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-20763
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246046
|
7.8 |
HIGH
Local
|
gpac_project debian canonical
|
gpac debian_linux ubuntu_linux
|
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-20762
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246047
|
7.8 |
HIGH
Local
|
gpac_project debian canonical
|
gpac debian_linux ubuntu_linux
|
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-20761
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246048
|
7.8 |
HIGH
Local
|
gpac debian canonical
|
gpac debian_linux ubuntu_linux
|
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-20760
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246049
|
5.4 |
MEDIUM
Network
|
modx
|
modx_revolution
|
MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.
|
CWE-79
Cross-site Scripting
|
CVE-2018-20758
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246050
|
6.1 |
MEDIUM
Network
|
modx
|
modx_revolution
|
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
|
CWE-79
Cross-site Scripting
|
CVE-2018-20757
|
2024-11-21 13:02 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|